<?php
declare (strict_types = 1);

namespace app\middleware;

use Closure;
use app\Request;
use think\Response;

class CorsMiddleware
{
    /**
     * 处理请求
     *
     * @param Request $request
     * @param Closure $next
     * @return mixed|void
     */
    public function handle($request, Closure $next)
    {
        // 获取web域名
        $domainWeb = config('domain.web');

        // 路由中间件在路由check之后执行 -!!!-
        // header('Access-Control-Allow-Origin: ' . $domainWeb);
        header('Access-Control-Allow-Origin: *');
        header('Access-Control-Allow-Credentials: false');
        header('Access-Control-Max-Age: 1800');
        header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS');
        header('Access-Control-Allow-Headers: *');
        if (strtoupper($request->method()) == 'OPTIONS') {
            return Response::create();
        }
        return $next($request);
    }
}
